using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using Portfolio.Api.Configurations;
using Portfolio.Api.Data;
using Portfolio.Api.Handlers;
using Portfolio.Api.Services.Implementation;
using Portfolio.Api.Services.Interfaces;
using Serilog;
using System.Text;
using System.Threading.RateLimiting;
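var builder = WebApplication.CreateBuilder(args);

// ---------------------------------------------------------------------------
// Logging
// Serilog takes its base configuration from appsettings, then adds a console
// sink and a size-capped rolling file sink (10 MB per file, 3 files retained)
// so the log directory cannot grow without bound.
// ---------------------------------------------------------------------------
Log.Logger = new LoggerConfiguration()
    .ReadFrom.Configuration(builder.Configuration)
    .WriteTo.Console()
    .WriteTo.File(
        "logs/portfolio-log.txt",
        fileSizeLimitBytes: 10 * 1024 * 1024, // 10MB
        rollOnFileSizeLimit: true,
        retainedFileCountLimit: 3)
    .CreateLogger();
builder.Host.UseSerilog();

// ---------------------------------------------------------------------------
// Database & core services
// ---------------------------------------------------------------------------
builder.Services.AddDbContext<AppDbContext>(options =>
    options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection")));
builder.Services.AddMemoryCache();
builder.Services.AddControllers();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

// ---------------------------------------------------------------------------
// Security settings & DI
// ---------------------------------------------------------------------------
builder.Services.Configure<SmtpSettings>(builder.Configuration.GetSection("SmtpSettings"));
builder.Services.Configure<SecuritySettings>(builder.Configuration.GetSection("SecuritySettings"));

// The JWT validation parameters below need concrete values at startup, so the
// section is bound eagerly here. Get<T>() returns null when the section is
// absent; without this guard that only surfaced as a NullReferenceException
// inside AddJwtBearer. Fail fast with a message that names the missing config.
var securitySettings = builder.Configuration.GetSection("SecuritySettings").Get<SecuritySettings>()
    ?? throw new InvalidOperationException(
        "Configuration section 'SecuritySettings' is missing or could not be bound.");

// Every value that token validation depends on must be present. A blank
// signing key or issuer/audience would otherwise either abort later with an
// opaque error from the token library or reject every token at runtime.
var jwtIssuer = RequireSetting(securitySettings.Issuer, nameof(securitySettings.Issuer));
var jwtAudience = RequireSetting(securitySettings.Audience, nameof(securitySettings.Audience));
var jwtKey = RequireSetting(securitySettings.JwtKey, nameof(securitySettings.JwtKey));

// ---------------------------------------------------------------------------
// Rate limiting
// Both policies partition on the client's remote IP. NOTE(review): if this
// API is deployed behind a reverse proxy or load balancer, RemoteIpAddress is
// the proxy's address and all clients share one bucket unless forwarded
// headers are configured with a trusted proxy list — confirm the deployment.
// ---------------------------------------------------------------------------
builder.Services.AddRateLimiter(options =>
{
    // Policy for login/auth endpoints (5 requests per minute per client IP).
    options.AddPolicy("authPolicy", httpContext =>
        RateLimitPartition.GetFixedWindowLimiter(
            partitionKey: httpContext.Connection.RemoteIpAddress?.ToString() ?? "anonymous",
            factory: partition => new FixedWindowRateLimiterOptions
            {
                AutoReplenishment = true,
                PermitLimit = 5,
                Window = TimeSpan.FromMinutes(1),
                QueueLimit = 0
            }));

    // Policy for Contact/Feedback (3 requests per 10 minutes)
    options.AddPolicy("fixed", httpContext =>
        RateLimitPartition.GetFixedWindowLimiter(
            partitionKey: httpContext.Connection.RemoteIpAddress?.ToString() ?? "anonymous",
            factory: partition => new FixedWindowRateLimiterOptions
            {
                AutoReplenishment = true,
                PermitLimit = 3,
                Window = TimeSpan.FromMinutes(10),
                QueueLimit = 0
            }));

    // Rejected requests get 429 rather than the default 503, so clients can
    // distinguish throttling from an outage.
    options.RejectionStatusCode = StatusCodes.Status429TooManyRequests;
});

// ---------------------------------------------------------------------------
// Authentication: JWT bearer with issuer, audience, lifetime and signature all
// validated. ClockSkew is zero so an expired token is rejected immediately
// instead of being accepted for the default grace period.
// ---------------------------------------------------------------------------
builder.Services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(options =>
{
    options.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuer = true,
        ValidateAudience = true,
        ValidateLifetime = true,
        ValidateIssuerSigningKey = true,
        ValidIssuer = jwtIssuer,
        ValidAudience = jwtAudience,
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey)),
        ClockSkew = TimeSpan.Zero
    };
});
builder.Services.AddAuthorization();

// ---------------------------------------------------------------------------
// CORS
// Origins are listed explicitly because AllowCredentials() cannot be combined
// with AllowAnyOrigin(). This policy is applied unconditionally below, so the
// origin list must be adjusted for any non-local deployment.
// ---------------------------------------------------------------------------
builder.Services.AddCors(options =>
{
    options.AddPolicy("DevPolicy", policy =>
    {
        policy.WithOrigins("http://localhost:5173", "http://localhost:3000") // Vite & CRA ports
            .AllowAnyMethod()
            .AllowAnyHeader()
            .AllowCredentials(); // Required if sending cookies/auth headers
    });
});

builder.Services.AddScoped<IAuthService, AuthService>();
builder.Services.AddScoped<MailService>();
builder.Services.AddExceptionHandler<GlobalExceptionHandler>();
builder.Services.AddProblemDetails();

var app = builder.Build();

// ---------------------------------------------------------------------------
// Middleware pipeline — order matters: the exception handler wraps everything,
// routing must precede CORS/rate limiting/auth, and authentication must run
// before authorization.
// ---------------------------------------------------------------------------
app.UseExceptionHandler();
if (app.Environment.IsDevelopment())
{
    app.UseSwagger();
    app.UseSwaggerUI();
}

// NOTE(review): HTTPS redirection is enabled but no HSTS middleware is added
// for non-development environments; consider app.UseHsts() there once the TLS
// termination point is known.
app.UseHttpsRedirection();
app.UseRouting();
app.UseCors("DevPolicy");
app.UseRateLimiter();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();

try
{
    // Seed inside the try block so a seeding failure is logged as fatal and
    // the log sinks are flushed; previously it ran outside and an exception
    // here would escape without reaching Serilog.
    using (var scope = app.Services.CreateScope())
    {
        var services = scope.ServiceProvider;
        var context = services.GetRequiredService<AppDbContext>();
        string adminEmail = securitySettings.RecieverEmail;
        await DbSeeder.SeedDataAsync(context, adminEmail);
    }

    Log.Information("Cosmos Satellite (API) Online...");
    app.Run();
}
catch (Exception ex)
{
    Log.Fatal(ex, "Satellite Crash during startup.");
    // Surface the failure to the host/orchestrator; a swallowed exception
    // would otherwise exit with code 0 and look like a clean shutdown.
    Environment.ExitCode = 1;
}
finally
{
    Log.CloseAndFlush();
}

// Returns the setting unchanged, or throws naming the SecuritySettings key
// that is missing or blank so misconfiguration is caught at startup.
static string RequireSetting(string? value, string name) =>
    string.IsNullOrWhiteSpace(value)
        ? throw new InvalidOperationException($"SecuritySettings:{name} must be set to a non-empty value.")
        : value;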